GDPR

No, I am not asking you to re-sign up to my website. You’re OK.

But if you’re based in the EU like me, then you’ve probably been swamped with direct emails from businesses asking if I can confirm that I’m happy to continue to receive their missives. This Friday, GDPR comes into effect and appears that essentially every company ever, has only considered the implications of this in the last month or so, despite it coming into law back in 2016.

The thing is that there is a lot of, often contradictory, advice floating around, and a lot of medium to smaller sized companies feel like they’re going to lose out.

The general principle of GDPR – that citizens should be in control of their own data – is excellent. And yet, we know it’s never as simple as that.

Furthermore, advice is often not entirely clear. Unless you’ve actually hired lawyers expert in this field, you may be lost. Indeed, even if you do speak to lawyers expert in this field, you might still be lost. And that’s difficult, because people and businesses want to understand what practical steps they need to take.

Hence we’ve had a barrage of emails in the last couple of months, which has become a torrent in the last weeks.

But amidst that torrent, there seems to be two general types of email that are being sent out:

  1. Please confirm that you want to continue to receive email from us.
  2. We’ve updated our privacy policy. Have a look here.

It feels like the smaller the company you are, the more likely you are to send the former – perhaps because you don’t have advice to do anything else.

While the larger company you are, the more likely you are to have sent the latter.

A case in point would be businesses who use Mailchimp for their email solution. In general terms, these are likely to be smaller companies – since big groups tend to invest in their own often internally-managed email systems. Users of Mailchimp have in effect told their customers that they must collect consent from all their subscribers. Therefore, it’s been noticeable that many of the Mailchimp powered lists I’m on have been busy getting me to resubscribe.

And the reality is that in many of these cases, I purposefully gave a company my email address in order that they could send me emails, and as long as they said they weren’t doing anything dubious with my details – selling them to someone else for example – then I don’t believe that these resubscribe missives are always necessary.

But given that there are enormous fines attached to GDPR misuse, everyone plays it safe. And that comes with an enormous cost – more of which later.

Compare and contrast with much larger companies. They are also affected by GDPR, but their messaging is very different. For the most part, they have been sending me emails saying that they have updated their privacy policy and providing me with a link to go and have a look. They also provide a link to unsubscribe, and probably include a message about how seriously they treat all of this. But they key is that, if I do nothing, I remain on their lists.

Now it may be that these larger companies have been more GDPR compliant for a while now, and that their batteries of lawyers have meant that they have consent already for everything they do. But this is essentially the approach taken by some of the giants of the industry. And these titans are far more likely to do things that have a real-world impact on me. Consider Facebook and Cambridge Analytica for starters.

The reason I said that there’s a cost to smaller businesses is that their email lists are likely to be decimated come Friday.

For starters, email open rates tend to be considered good if they reach 25%. So a single email is unlikely to be seen by upwards 75% of people to start with. Add to that the need to positively do something off the back of that, and you’re potentially facing an enormous fall-off.

Now add into the mix that everyone else is doing the same thing at pretty much the same time, and you can probably mark down that already small number again, as email recipient fatigue sets in.

By this Friday, a lot of businesses are going to have a lot smaller email lists that they did this week. I wonder if any of them will share that information?

Email marketing is perhaps the cheapest marketing a business can do. Even with low open rates, the cost can be close to zero in producing those emails, and if some companies’ marketing campaigns are to be explained, they counter this by using volume. You didn’t open yesterday’s or today’s email, but by God, you’ll open tomorrow’s!

Furthermore, email marketing can mean upselling products to your best customers. You already have a relationship of some sorts, so getting that person to spend more is easier than getting a new customer on board with a brand they may not have heard of.

This time next week, emails from Amazon won’t have stopped, but they may have dried up from that small UK-based cycle clothing manufacturer that I once bought something from, and who’s GDPR consent email I missed in my busy inbox.

2 Comments

  1. I’ve been swamped with email as well even though I’m in the US. Also, at work, we’re taking an everyone on the same policy regardless of where you live and thus have been swamped with GDPR work for the last few weeks. I’ve been doing GDPR things all day today in fact. Good times they are.

  2. A lot of global companies are updating their privacy policies regardless. Kind of like building cars to EU/Californian emissions standards, once you’ve made the big changes, you may as well roll them out everywhere (except where you don’t).

    A good number of US businesses I have/do use, have completely ignored it however…

Comments are closed.